Legal claims defining the scope of protection, as filed with the USPTO.
1. An information processing device comprising: processing circuitry configured to: verify integrity of software registered in a whitelist at a timing which does not depend on an execution start of software and generate an execution permission list in which software which is successfully verified is registered as execution-permitted software; permit execution of the software when the execution start of the software is detected and the software is registered in the execution permission list as the execution-permitted software; detect rewriting of software; and invalidate, when software whose rewriting is detected is registered in the execution permission list as the execution-permitted software, registration of the software as the execution-permitted software in the execution permission list.
2. The information processing device according to claim 1, wherein the processing circuitry invalidates the registration of the software as the execution-permitted software in the execution permission list by deleting an entry of the software whose rewriting is detected from the execution permission list.
3. The information processing device according to claim 1, wherein each entry of the execution permission list includes a first flag, the processing circuitry validates the first flag assigned to an entry of software that is successfully verified in the execution permission list, and the processing circuitry permits the execution of the software when the first flag assigned to the entry of the software whose execution start is detected is valid in the execution permission list.
4. The information processing device according to claim 1, wherein the processing circuitry invalidates the first flag assigned to the entry of the software whose rewriting is detected in the execution permission list.
5. The information processing device according to claim 1, wherein the processing circuitry registers software which fails in the verification in the execution permission list and invalidates the first flag assigned to the entry of the software.
6. The information processing device according to claim 1, wherein, when an execution start of software which is not registered in the execution permission list as the execution-permitted software is detected, the processing circuitry verifies integrity of the software, permits execution of the software if the verification is successfully performed, and registers the software in the execution permission list as the execution-permitted software.
7. The information processing device according to claim 1, wherein the processing circuitry determines whether or not verification of the integrity of the software whose execution start is detected is performed based on a value of the first flag.
8. The information processing device according to claim 1, wherein the processing circuitry performs verification of integrity of software corresponding to a predetermined condition among software registered in the whitelist.
9. The information processing device according to claim 8, wherein each entry of the whitelist includes a second flag, and the predetermined condition of the software to be verified is a condition that the software is a software registered in an entry in which the second flag is valid in the whitelists.
10. The information processing device according to claim 1, wherein the timing which does not depend on the execution start of the software is a time at which the processing circuitry is activated.
11. The information processing device according to claim 1, wherein the timing which does not depend on the execution start of the software is a time at which specific software different from the software is activated.
12. The information processing device according to claim 1, wherein the timing which does not depend on the execution start of the software is a time at which the processing circuitry receives a specific signal.
13. The information processing device according to claim 1, wherein, when an execution start of first software is detected while a process by the processing circuitry is being performed, the processing circuitry stops the process, and the processing circuitry verifies integrity of the first software and permits execution of the first software when the verification is successfully performed.
14. An information processing method executed by an information processing device, comprising: verifying integrity of software registered in a whitelist at a predetermined timing which does not depend on an execution start of software and generating an execution permission list in which software which is successfully verified is registered as execution-permitted software; permitting execution of the software when the execution start of the software is detected and the software is registered in the execution permission list as the execution-permitted software; detecting rewriting of software; and invalidating, when software whose rewriting is detected is registered in the execution permission list as the execution-permitted software, registration of the software as the execution-permitted software in the execution permission list.
15. A computer program product including a non-transitory computer-readable medium including a programmed instructions, wherein the instructions, when executed by a computer, cause the computer to perform: verifying integrity of software registered in a whitelist at a timing which does not depend on an execution start of software and generates an execution permission list in which software which is successfully verified is registered as execution-permitted software; permitting execution of the software when the execution start of the software is detected and the software is registered in the execution permission list as the execution-permitted software; detecting rewriting of software; and invalidating, when software whose rewriting is detected is registered in the execution permission list as the execution-permitted software, registration of the software as the execution-permitted software in the execution permission list.
16. An information processing device, comprising: processing circuitry configured to: calculate a hash value of software registered in a whitelist at a timing which does not depend on an execution start of software and generate a hash value list; permit execution of the software when the execution start of the software is detected, a hash value of the software is registered in the hash value list, and the hash value registered in the hash value list coincides with a hash value of the whitelist; detect rewriting of software; and invalidate, when software whose rewriting is detected is registered in an execution permission list in which whitelist-registered software successfully verified for integrity is registered as execution-permitted software, registration of the software as the execution-permitted software in the execution permission list.
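An illustrative model of the mechanism in claims 1, 2 and 6, added here and not taken from the patent or any implementation of it: software on a whitelist is hashed ahead of time into an execution permission list, launches consult that list, and a detected rewrite deletes the entry. The `ExecGate` class, its method names, the path-to-SHA-256 whitelist format and the manually invoked `on_write` hook are all assumptions made for the sketch.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

class ExecGate:
    """Toy model: whitelist maps path -> expected SHA-256 digest (assumed format)."""

    def __init__(self, whitelist):
        self.whitelist = dict(whitelist)
        self.permitted = set()  # the "execution permission list"

    def verify(self, path):
        expected = self.whitelist.get(path)
        try:
            return expected is not None and sha256_file(path) == expected
        except OSError:
            return False

    def prescan(self):
        # Runs at a time unrelated to any execution start (e.g. at startup).
        self.permitted = {p for p in self.whitelist if self.verify(p)}

    def on_write(self, path):
        # Rewrite detected: the cached verdict is stale, so drop the entry.
        self.permitted.discard(path)

    def on_exec(self, path):
        if path in self.permitted:  # fast path: no hashing at launch
            return True
        if self.verify(path):       # not cached: verify on demand (claim 6)
            self.permitted.add(path)
            return True
        return False

def demo():
    with tempfile.TemporaryDirectory() as d:
        app = Path(d) / "app.bin"            # constructed sample file
        app.write_bytes(b"original build")
        gate = ExecGate({app: sha256_file(app)})
        gate.prescan()
        first = gate.on_exec(app)            # verified at prescan
        app.write_bytes(b"modified build")   # content changes on disk
        stale = gate.on_exec(app)            # rewrite not yet reported to the gate
        gate.on_write(app)                   # rewrite detection fires
        after = gate.on_exec(app)            # re-verified, hash mismatch
        return first, stale, after
```

`demo()` returns `(True, True, False)`: the middle value shows that a cached permission is only as trustworthy as the rewrite detection feeding it, which is why the claims pair the pre-verified list with the invalidation step.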
September 28, 2021